By NHI Mgmt Group Editorial TeamPublished 2026-04-30Domain: Cyber SecuritySource: Illumio

TL;DR: Anthropic’s Project Glasswing shows AI can autonomously scan production software, write working exploits, and chain flaws into full attack sequences with an 83% first-attempt success rate, intensifying an already strained CVE pipeline, according to Illumio. The security model is shifting from patch-first thinking to containment, segmentation, and least-privilege control because remediation cannot keep pace with discovery.


At a glance

What this is: Anthropic’s Project Glasswing demonstrates that AI can uncover and weaponise software flaws at machine speed, making vulnerability discovery faster than human remediation.

Why it matters: For IAM and security teams, the issue is not only patch velocity but whether identity controls, segmentation, and privilege boundaries can limit blast radius after an exploit lands.

By the numbers:

👉 Read Illumio's analysis of how Project Glasswing changes cybersecurity


Context

AI-assisted vulnerability discovery changes the security problem from one of finding flaws to one of absorbing an endless stream of newly exploitable exposure. When discovery accelerates beyond remediation, the organisation’s real control question becomes whether lateral movement, privilege abuse, and service-to-service trust can be contained before attackers convert a fresh CVE into impact.

That matters to identity programmes because containment is never only a network problem. Least privilege, just-in-time access, and continuously verified access boundaries reduce what an attacker can do after initial compromise, while unmanaged service accounts and broad trust relationships turn a new exploit into a broader identity event.


Key questions

Q: What breaks when AI can find exploitable software flaws faster than teams can patch them?

A: Patch-centric security breaks because remediation assumes there is time to test, approve, and deploy fixes before attackers act. When discovery and exploit creation happen at machine speed, the organisation needs controls that already exist at the moment of compromise, especially segmentation, least privilege, and path-based prioritisation. The risk shifts from vulnerability existence to reachable exposure.

Q: Why do vulnerable systems become more dangerous when containment is weak?

A: A vulnerability becomes more dangerous when attackers can move laterally, reuse trust relationships, or inherit broad privileges after initial access. Weak containment turns a single flaw into an environment-wide problem because the exploit path is not isolated. Identity controls matter here because persistent admin rights and broad service-account scope increase the blast radius.

Q: How do security teams know if containment is actually working against fast-moving exploits?

A: Containment is working when a realistic compromise cannot reach critical assets, cannot escalate privileges easily, and cannot move freely between segments. Teams should test live access paths, not just policy statements, and measure whether critical systems remain unreachable from low-trust zones. If an exploit still has a short route to high-value assets, containment is incomplete.

Q: What should organisations do first when exploit discovery is moving faster than remediation?

A: Start by ranking exposure paths, not by trying to eliminate every vulnerability equally. Define the systems that matter most, reduce standing privilege around them, and validate segmentation against real traffic. Then tie incident response to isolation and continuity of operations, because speed of containment now matters more than the speed of patch completion.


Technical breakdown

Machine-speed vulnerability discovery and exploit chaining

Project Glasswing shows a model can move beyond passive code review into autonomous vulnerability discovery, exploit generation, and multi-step chaining. That matters because the attacker does not need to wait for a human operator to test each step. In practice, the model’s output compresses recon, proof-of-concept creation, and exploit assembly into a short runtime loop, which is why disclosure and remediation timelines become the bottleneck. The problem is not only more bugs. It is a faster path from flaw to weaponised access.

Practical implication: treat exploitability as a live runtime condition, not a post-disclosure cleanup task.

Why patching breaks when disclosure becomes continuous

Traditional patch management assumes there is enough time to inventory, test, approve, deploy, and verify fixes before attackers operationalise a flaw. That assumption fails when critical vulnerabilities appear continuously and exploitation can begin on the same day as disclosure. Even a strong remediation programme cannot close every window fast enough across a large estate with dependency chains and change controls. The result is not patch failure alone. It is a mismatch between control tempo and attack tempo.

Practical implication: reweight prioritisation toward exposure paths and business-critical assets instead of patch queues alone.

Containment, segmentation, and identity controls as the real backstop

When prevention cannot keep up, containment becomes the security control that determines outcome. Microsegmentation limits where an initial exploit can travel, while identity controls limit what a compromised process or operator can do inside a segment. Least privilege, just-in-time access, and continuous verification all reduce the usable power of a stolen foothold. In other words, identity and segmentation are complementary: one limits reach, the other limits authority.

Practical implication: pair segmentation with privilege minimisation so one exploit does not become an environment-wide incident.


Threat narrative

Attacker objective: The attacker’s objective is to convert a newly disclosed weakness into fast, repeatable access before defenders can patch or isolate the affected system.

  1. Entry occurs when AI-assisted discovery identifies an exploitable weakness in production software and turns it into a working exploit.
  2. Escalation follows when the exploit is chained with additional flaws or trust relationships to reach broader execution or privilege.
  3. Impact happens when attackers use the resulting foothold to move laterally, reach critical assets, or trigger data exposure at scale.

NHI Mgmt Group analysis

AI vulnerability discovery is turning patch-first security into a control-timing problem. Once exploit creation is compressed into minutes or hours, the limiting factor is no longer whether a team can identify the flaw. It is whether the environment already restricts movement, privilege, and trust. That changes the governance question from remediation speed to exposure tolerance. Practitioners should treat control timing as a first-class risk metric.

Containment is becoming the primary resilience control because prevention can no longer be assumed. The article’s core argument is that defenders cannot rely on blocking every vulnerability before it is weaponised. That does not make prevention irrelevant, but it does make path limitation and authority limitation the controls that decide whether an exploit becomes an outage. Security programmes should therefore anchor resilience planning in segmentation, least privilege, and verified access boundaries.

Identity controls now sit inside the blast-radius problem, not beside it. A compromised system with excessive service-account authority or broad administrative access can turn a local exploit into a much larger incident. This is where identity governance matters in cyber resilience: if access is persistent, broad, and weakly checked, containment weakens even when network controls exist. Practitioners should audit standing privilege as part of resilience, not only IAM hygiene.

Path-based risk prioritisation is the named concept this shift demands. The article makes clear that the question is no longer which assets are vulnerable in theory, but which paths are reachable in practice. That reframes vulnerability management around exploit paths, trust edges, and criticality. Teams that can map and reduce those paths will absorb machine-speed discovery far better than teams that only chase patch backlogs. The practical conclusion is to manage exposure topology, not just CVE counts.

AI-assisted disclosure will also stress governance around third-party software dependency. When vulnerabilities are found faster than vendors and customers can coordinate fixes, accountability shifts toward knowing which dependencies matter most and where they sit in the business path to impact. That creates pressure for more explicit ownership between application teams, infrastructure teams, and identity teams. Practitioners should prepare for a world where governance evidence, not just patch status, becomes the auditable control signal.

What this signals

Path-based risk prioritisation: the useful programme shift is from counting vulnerabilities to understanding which attack paths matter most. That means security leaders should combine exposure management, segmentation, and identity governance into one operational view, because a fast-moving exploit only becomes a crisis when it can reach something important. For a deeper control lens, map those decisions against NIST SP 800-53 Rev 5 Security and Privacy Controls.

Identity teams should expect more pressure to justify standing privilege, delegated access, and service-account scope as part of resilience reporting. In a machine-speed disclosure world, the question is not whether a control exists on paper, but whether it prevents an initial exploit from becoming an access expansion event. That is where IAM, PAM, and segmentation now intersect.

Security architecture will increasingly be evaluated by blast-radius reduction rather than by prevention claims. Organisations that can prove critical assets are isolated and identity authority is constrained will absorb rapid vulnerability discovery more effectively than those that depend on patch cycles alone.


For practitioners

  • Define your protect surface Identify the systems whose compromise would materially change business risk, then map the access paths into those systems. Focus on where identity boundaries and network reach overlap, because that is where containment either holds or fails. If you cannot describe the shortest path to critical assets, you cannot prioritise response effectively.
  • Reduce standing authority around critical systems Review service accounts, admin roles, and automated workflows that can reach high-value assets. Remove unnecessary persistence, narrow scope, and use just-in-time access where operationally possible so a compromised exploit path does not inherit broad authority.
  • Test containment against realistic exploit paths Validate segmentation policies and access boundaries using the paths an attacker would actually use, not only policy diagrams. Use the same approach for identity boundaries, especially where privileged access, service-to-service authentication, or delegated access connects multiple tiers.
  • Shift patch reporting to exposure reporting Report which vulnerabilities are reachable from user-facing or privileged paths, which assets are isolated, and which segments still allow lateral movement. That gives leadership a clearer view of residual risk than raw CVE counts alone.

Key takeaways

  • AI-assisted vulnerability discovery is compressing the gap between flaw disclosure and exploit use, which makes patch-first assumptions unreliable.
  • The operational evidence points to a growing mismatch between remediation timelines and disclosure velocity, so exposure path management becomes the practical control question.
  • Containment, segmentation, and least privilege are now resilience controls, not secondary hardening measures.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

MITRE ATT&CK address the attack and risk surface, while NIST CSF 2.0, NIST SP 800-53 Rev 5, CIS Controls v8 and NIST AI RMF set the governance and control requirements practitioners need to meet.

FrameworkControl / ReferenceRelevance
MITRE ATT&CKTA0006 , Credential Access; TA0008 , Lateral MovementThe article centers on exploit chaining and movement after initial compromise.
NIST CSF 2.0PR.AC-4Least-privilege access is a core part of the containment response described.
NIST SP 800-53 Rev 5AC-6The piece repeatedly argues for limiting what a compromised system can do.
CIS Controls v8CIS-6 , Access Control ManagementAccess control management underpins the identity and containment recommendations.
NIST AI RMFMANAGEAI-assisted vulnerability discovery requires ongoing governance of model-driven risk.

Map likely exploit paths to credential access and lateral movement tactics, then block them with containment controls.


Key terms

  • Path-Based Risk Prioritisation: A control approach that ranks vulnerabilities by whether an attacker can actually reach and use them in a given environment. It shifts attention away from raw CVE counts and toward the paths, trust edges, and privilege boundaries that determine real-world impact.
  • Containment-Led Resilience: A security posture that assumes prevention will fail often enough that limiting spread becomes the decisive control. It combines segmentation, least privilege, and response isolation so a compromised system cannot easily become a broader incident.
  • Machine-Speed Exploitability: The condition where vulnerability discovery, exploit creation, and attack chaining happen faster than human remediation workflows. It matters because disclosure, testing, and patch approval no longer keep pace with the rate at which attackers can weaponise a flaw.
  • Blast Radius: The scope of damage an attacker can cause after gaining a foothold. In practice, it depends on how far a compromise can move, what privileges it can inherit, and how much critical infrastructure is reachable from the initial point of entry.

What's in the full article

Illumio's full blog covers the operational detail this post intentionally leaves for the source:

  • The specific containment workflow used to prioritise systems by reachability rather than by CVE count.
  • The practical segmentation sequence for protecting high-value assets first, including how policies are validated against real traffic.
  • The identity-control examples behind least privilege and just-in-time access in a containment-led resilience model.
  • The article's framing on how to turn response planning into isolation, continuity, and recovery decisions.

👉 Illumio's full blog expands on the containment model, segmentation priorities, and response decisions for machine-speed vulnerability discovery.

Deepen your knowledge

The NHI Foundation Level course, the industry's only accredited NHI security programme, covers NHI governance, secrets management, workload identity, and IAM fundamentals. It helps security practitioners connect identity controls to broader resilience and containment decisions.
NHIMG Editorial Note
Published by the NHIMG editorial team on 2026-04-30.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org